The Audit Committee –
Management Perspective
CAUBO 2007, Track # 1
The Relationship of Management, Auditors, Audit
Committees and the Boards working together for
better governance.
UPEI, Tuesday, June 26th
J. Colin Dodds, Ph.D.
President
1
Audit Committee
- a leader for university corporate governance
Terms of Reference


The Audit Committee contributes to the overall governance of Saint Mary’s University
by promoting a culture of transparency, honesty and ethical behaviour
It is now considered a critical part of university governance
Performance


Audit Committee must annually review its mandate and self-assess its performance
Audit Committee takes its work much more seriously than in the past
Meetings

more and longer Audit Committee meetings each year with greater documentation
Whistle Blowing

2
Audit Committee has requested that management look at whistle-blowing policy.
Our initial survey shows that only 2 of 40 universities currently have such a policy.
Audit Committee qualifications
CICA  All members of the Audit Committee should be financially literate, being defined as able to read and
understand basic financial statements, and at least one member of the Committee shall have accounting or
related financial management expertise.
SMU Audit Committee
–
appointed by the Board of Governors
–
all appointees are unrelated Board members, i.e. not ex officio, faculty or students
–
Audit Committee members are all financially literate and have significant accounting or related
financial experience
–
3

Chair – CA with 30 years audit experience with KPMG

Two other members – CA with 20 years management experience and
an MBA who is head of a large corporation

Four support staff – CA, CMA and 2 CGA’s
Previously there was the perception that the Audit Committee was seen as a Committee to ‘park’
the ‘less’ talented Board Members.
Risk Assessment
SMU Terms of Reference for the Audit Committee requires a review of the
overall effectiveness of the managerial process for identifying risks affecting
financial reporting
– increases onus to demonstrate risk management
– management developed a high level description of risks we face on each
category
– also has the effect of "pushing-down" work onto middle managers
where the controls actually exist (or should exist) – risk assessment has to
be embedded in all operations
– at SMU the Audit Committee has led a move toward a comprehensive
inventory of corporate risk – not just risks affecting financial reporting
– new Risk Committee established by the Board of Governors,
chaired by the head of the Audit Committee
4
Risk Assessment – led by Chair of Audit Committee
SMU RISK IDENTIFICATION
ACADEMIC
INFORMATION
TECHNOLOGY
GOVERNANCE
RISK
FINANCIAL
PHYSICAL
HUMAN
RESOURCES
5
Auditor Issues
• SMU Audit Committee constantly guarding auditor independence –
top priority
• Relationship between external auditor and management has definitely
changed over the past 5 years or so – a more distant relationship
• Management Representations (CICA 5370)
• List of representations growing over the years - currently 36
distinct items, e.g. management’s knowledge of fraud activities,
compliance with laws and regulations, and recently –
representing that SMU has obtained all consents for the use of
personal information provided for the auditor’s work
• AC interested in a Sox-like management “certification” of internal
controls, but has settled for now for a copy of the management
representations letter
• Expansion of required representations has created more work,
but a useful checklist of to do items
6
Auditing overload
The university is getting audited from all sides
– Federal Contractors audit
– Granting agencies
– Federal Family Education Loan Program
– HST audit
– IMPACT fund - accountant's report on applied procedures
– HRSDC audit
– Workers Compensation Board review
– CRA audit
– Indirect costs of research grant audit
– External financial statement audit
– Auditor General of Nova Scotia broad scope audit
No internal audit to assist with these
SMU Audit Committee reviews all audit planning and year-end documents
as well as any other reports of the external auditor or any other auditor
7
Case study – HST review

HST audit scheduled – to prepare, we engaged an HST consultant from
Grant Thornton (also the financial statement auditor)

Preliminary review revealed potential HST liability for non-credit programs in
Continuing Education (had been considered an exempt HST supply)

Management decided that Saint Mary’s should voluntarily report the
discrepancy, estimated at $400,000

Working with the consultant, the amount was reduced to $170,000

Audit Committee was pleased with “tone at the top”, i.e. self-disclosure
However, the AC concerned about auditor independence

8
Case study – HST review (continued)

Another HST opportunity came to our attention shortly thereafter

This involved a complex review of SMU capital real property expenditures

Management brought the matter to the attention of the Audit Committee
and called for proposals – 3 bids received including one from the audit firm

Selected KPMG this time, using RFP criteria (management would have
needed AC approval had we selected Grant Thornton)
Result  $244,000 in HST recoveries
9
Case study – “Broad Scope Audit ” by the Auditor General of NS
Response to $850,000 fraud at Collège de l’Acadie
Minister of Education requested OAG to audit the general control environments
at Nova Scotia universities. Included a general review of all NS universities but
detailed audit work at four institutions:
–
Saint Mary's University
–
Dalhousie University
–
University College of Cape Breton
–
Université Sainte-Anne
Specifically, the Minister of Education wanted…
“assurances that the audit procedures and control mechanisms in place
are adequate and appropriate to protect tax dollars.”
10
Case study – Auditor General scope of audit work
AUDIT SCOPE discussed with Audit Committee (limited to Operating Fund)
 Determine if Board of Governors, Audit Committee and management have
adequate systems for budgeting, internal financial reporting and monitoring
 Determine if the Board/Finance Committee are receiving sufficient, appropriate
information from management to fulfill their stewardship responsibilities
 Assess internal controls over operating revenues and expenditures
 Assess policies and systems to control its inventory of computers
 Test compliance with the government’s procurement policy
 Ensure adequate systems to collect and report reliable enrolment data
11
Case study – Auditor General reported results
Our audit of the internal control environment over the revenue/receipts and purchases/payment
cycles at four universities identified no significant control weaknesses.
There is a need at all universities to enhance their business planning processes.
Although the universities have clearly documented policies on when payment of student fees
are due, we believe that the policies should be more strictly enforced.
Procurement transactions tested were in compliance with applicable procurement policies.
Processes for the collection and reporting of enrolment data are generally good although we
believe that identification of non-Canadians requires improvement at some universities.
Concluding Remarks of the Auditor General
12
Overall, our testing and other audit work including review of the external auditors’ working
paper files did not reveal any significant weaknesses with respect to the financial
management and internal controls at the universities.
Conclusion
From the management perspective, the Audit Committee adds value
in several ways:
- objective sounding board for financial issues
- experience of members outside the university offer a broad perspective
- monitor the performance of the firm’s external auditors and audit process
Audit Committee should oversee; it should not manage.
It needs to retain the "big picture," rather than get buried in detail.
Audit Committee is now a critical piece of corporate governance of the university
at a time when the latter is assuming a greater role in universities.
13